Automotive industry is currently undergoing an electrification process. In a few years, every new vehicle sold will have some degree of autonomy built in. Carmakers from Google to Apple, Tesla to Volkswagen are trying to make drivers obsolete, handing control of the wheel to a computer that can make intelligent decisions about when to turn and how to brake. Meanwhile, the coronavirus has both strengthened the use case for robot drivers and labs and factories where the technology was being refined. Several of the groups developing self-driving technology set their sights on 2021 for initial deployment, according to a recent report from Bloomberg New Energy Finance—and that was before the Covid-19 pandemic sidelined engineers.
While these driverless cars shall be highly useful for under age, elderly, blind, intoxicated, and handicapped users, however these driverless cars and remote controlled cars can also become terrorist’s best weapon as warned by FBI’s report. These cars can also be hacked by terrorists and used by terrorists to carry out spectacular attacks. All these driverless cars such a GM’s OnStar, Mercedes S-Class and Google driveless cars are connected to internet hence just like other critical infrastructure networks they are vulnerable to hacking by remotely manipulating controls for cruise control, braking, locking/unlocking and accident/airbag reporting to their malicious ends.
In 2015, two security researchers showed how easy it is to hack commercial vehicles. Self-driving lorries which are to be trialled on England’s motorways could be vulnerable to cyber-attack, an official report warned. A feasibility study of the Government’s plan said there was a risk of a ‘malicious takeover’ of the convoys, putting road users at risk. In 2019, the team, from the security lab of the Chinese tech giant Tencent, demonstrated several ways to fool the AI algorithms on Tesla’s car. By subtly altering the data fed to the car’s sensors, the researchers were able to bamboozle and bewilder the artificial intelligence that runs the vehicle.
Terror group Islamic State is employing scientists and weapons experts to convert commercial technologies into lethal weapons to carry out sophisticated “spectacular” attacks in Europe. The IS research and development team has produced fully working remote controlled cars to act as mobile bombs. A video explaining required additions and modifications has also been released to train terrorist groups. It has been reported that they have added sophisticated countermeasures to fool security-men including mannequins with self-regulating thermostats and laser eyes to fool infrared cameras. “This new strategy will eliminate the need for suicide bombers who must sacrifice their lives in order to carry out attacks. In Iraq, for instance, suicide car bombings reach as much as 50 per week, and ISIS is poised to lose thousands of fighters in a matter of months to carry out suicide missions,” writes Chris Loterna of HNGN. Now the researchers are working to help manufacturers defend against attacks for both regular cars and autonomous vehicles.
Self-driving Cars can be hacked
However, the hardware and software behind the technology opens up a range of opportunities to hackers. Rigging a car to drive by itself – or use related technologies like self-parking or lane-change monitoring – needs an array of diverse hardware and software to be installed and co-ordinated. It also requires that a car can get online to access traffic data, connect with other cars to make strategic decisions, and download necessary safety patches.
Jonathan Petit, Principal Scientist at Security Innovation, a software security company has devised a system to hack car’s Lidar sensor, which could trick it into thinking something is directly ahead of it, thus forcing it to slow down. Or attackers could overwhelm it with so many spurious signals that the car would not move at all for fear of hitting phantom obstacles. Petit describes a simple setup he designed using a low-power laser and a pulse generator, which was used send synchronized pulses back to Lidar. These signals were earlier recorded signals from a commercial IBEO Lux lidar unit. Other researchers had previously hacked or spoofed vehicle’s GPS devices and wireless tire sensors. These vulnerabilities could be exploited by terrorists; hence carmakers should start thinking seriously about security of driverless cars.
Researchers trick Tesla’s Autopilot into driving into oncoming traffic
Tesla’s Enhanced Autopilot mode has a range of features, including lane centering, self-parking, automatic lane changes with driver’s confirmation, and the ability to summon the car out of a garage or parking spot. To do all that, it relies on cameras, ultrasonic sensors and radar, as well as hardware that allows a car to process data using deep learning to react to conditions in real-time. APE, the Autopilot engine control unit module, is the key component of Tesla’s auto-driving technology, and it’s where researchers at Keen Security Lab – a division of the Chinese internet giant Tencent Keen – focused their lane-change attack.
One of the most unnerving things they accomplished was to figure out how to induce Tesla’s Autopilot to steer into oncoming traffic. By slapping three stickers onto the road. Those stickers were unobtrusive – nearly invisible – to drivers, but machine-learning algorithms used by the Autopilot detected them as a line that indicated the lane was shifting to the left. Hence, Autopilot steered the car in that direction.
From their recent report:
“Tesla autopilot module’s lane recognition function has a good robustness in an ordinary external environment (no strong light, rain, snow, sand and dust interference), but it still doesn’t handle the situation correctly in our test scenario. This kind of attack is simple to deploy, and the materials are easy to obtain…
Tesla uses a pure computer vision solution for lane recognition, and we found in this attack experiment that the vehicle driving decision is only based on computer vision lane recognition results. Our experiments proved that this architecture has security risks and reverse lane recognition is one of the necessary functions for autonomous driving in non-closed roads. In the scene we build, if the vehicle knows that the fake lane is pointing to the reverse lane, it should ignore this fake lane and then it could avoid a traffic accident.”
Another section of the paper explained how the researchers exploited a now-patched, root-privileged access vulnerability in the APE by using a game pad to remotely control a car. Tesla fixed that vulnerability in its 2018.24 firmware release. The report also showed how researchers could tamper with a Tesla’s auto-wiper system to activate wipers when rain isn’t falling. Tesla’s auto-wiper system, unlike traditional systems that use optical sensors to detect raindrops, uses a suite of cameras that feed data into an artificial intelligence network to determine when wipers should be turned on.
In 2014, a FBI report, hinted at the dangers of fully autonomous cars, such as those being developed by Google and a number of automotive manufacturers, being “more of a potential lethal weapon”, allowing criminals to pack cars full of explosives and send them to a target. Car bombs, an improvised explosive device (IED) placed inside a car or and then detonated, has been a common weapon of assassination, terrorism or guerrilla warfare, to kill the occupants of the vehicle, people near the blast site, or to damage buildings or other property.
IEDs have been found to be fairly difficult to deal with, lethal even with good “standoff” distance; difficult to detect unless all cars moving around a city are stopped and inspected, and easily made with designs available on the Internet. And, under the heading “Multitasking”, the FBI said that “bad actors will be able to conduct tasks that require use of both hands or taking one’s eyes off the road which would be impossible today”. That raised the prospect that suspected criminals would be able to fire weapons at pursuing police cars.
Even the semi-autonomous cars, which free both hands of drivers shall be dangerous, as they shall allow criminals to perform more dangerous missions like shooting at the pursuers, while a car automatically races away from a crime scene. However, the driverless cars shall also aid in effective crime response by security agencies as they shall be able to follow criminals from undetectable range, perform awkward maneuvers more quickly to confuse them and the automated features would allow them to arrive faster at an emergency scene while better avoiding potential collisions, the report notes.
Risks of Autonomous convoys of Vehicles
The UK government has given the go-ahead for the first trials of convoys of semi-automated trucks on UK motorways. Up to three wirelessly connected HGVs will travel in convoy, with acceleration, braking and steering controlled by the lead vehicle, a concept named platooning. Each lorry will have a driver in the cab ready to retake control at any time. Proponents say platooning could cut both congestion and the cost of fuel for hauliers, although motoring organisations have voiced concerns about safety, particularly on motorways. The DfT said the technology could have major benefits, with vehicles in the slipstream using less fuel, lowering emissions and improving air quality.
The report, commissioned by the Department for Transport (DfT), concludes that the system has the potential to reduce accidents and emissions, while improving traffic flow. But it also outlines 20 risks, including cyber-attack and the potential for drivers in the middle and back vehicles to lose concentration. Extreme weather conditions could lead to the sensing system keeping the vehicles a set distance apart malfunctioning. Other cars could enter the convoy by mistake, and the lead lorry could suffer a tyre blow-out.
The report said the probability of a ‘malicious takeover of a platoon (cyber-attack)’ was ‘very low’, but its impact would be ‘very high’ and would involve a ‘threat to road user safety, road infrastructure and reputation’ of the convoy system. A DfT spokesperson said: ‘Platooning will not be permitted on British roads unless it is safe for our network. Public safety is, and always will be, our number one priority.
“The evolution of automotive systems has brought us into a world where both highly connected and autonomously operated vehicles are commonplace,” unnamed researchers at device security provider Riscure wrote in a white paper. “As connectivity of devices increases, so too do risks of hardware and software attacks. Not only does the risk of the attacks rise, but the potential impact and fallout of an attack increases exponentially.”
Computer security researchers Chris Valasek and Charlie Miller are now widely known for remotely hacking a 2014 Jeep Cherokee. As they demonstrated, they could take control of the vehicle’s braking, steering, and acceleration. Valasek and Miller conceded that it is “impossible to make the vehicles attack-proof” due to budget and time constraints, but they can prioritize defensive measures based on analysis of the threat model. “Our number one concern is a cyber-physical attack that would threaten the safety of our customers. If a breach occurred that resulted in loss of privacy or personal information, it would be upsetting. However, such an attack fails to compare to the scenario where a car is compromised and passengers are injured—or worse,” the speakers said.
Causing Collisions And Gridlock In Cities
Researchers at Georgia Tech and Multiscale Systems Inc. investigated the ‘cyber-physical’ risks of hacked Internet-connected vehicles. The rise of connected cars, and the predicted future of automated cars have for some time being worrying regulators. However, until now most of the focus has been on preventing individual accidents, such as when a pedestrian was killed by a self-driving Uber in Arizona in 2018. “Likely impacts of a large-scale hack on traffic flow have yet to be quantified,” said Skanda Vivek, a postdoctoral researcher in the Peter Yunker lab at the Georgia Institute of Technology. “Compromised vehicles are unlike compromised data … collisions caused by compromise vehicles present physical danger to the vehicle’s occupants, and these disturbances would potentially have broad implications for overall traffic flow.”
It’s often suggested that we’re headed for an ‘Internet of Cars’, probably using incoming 5G networks. Whereas a 4G has a latency of 40 milliseconds, it’s just one or two milliseconds on a 5G connection, making real-time vehicle-to-vehicle communications possible. Cue 5G and sensor-driven collision-avoidance technology, but also vehicle-to-infrastructure communications, so a driverless car could respond to a red light. It could also enable citywide traffic management, with a central hub instructing driverless cars which routes to take to keep traffic flowing across a city. The exchange of information will be so critically important for autonomous cars that a hack, even one that creates just a brief interruption to its link to a 5G network, could in theory cause collisions and gridlock.
The research into how hacks could impact traffic flow in New York City was discovered using percolation theory, a mathematical approach based on the statistical analysis of networks. They identified that as vehicles are hacked, clusters of roads become inaccessible from the other. When somewhere between 10-20% of vehicles at rush hour were hacked, the size of the largest cluster dramatically reduced, and half the city became inaccessible from the rest.
Cyber Security of Autonomous vehicles
There are so many different systems all communicating with each other in a car,” says computer scientist Simon Parkinson, who directs the Centre for Cyber Security at the University of Huddersfield, UK. “To really understand all the ways that somebody could try to abuse a system is very complex. There will always be a risk.” Physicists, mathematicians and computer scientists have fortunately built models that simulate some of the possible vulnerabilities but they are by no means exhaustive. “No matter how hard we try and how complex we make the security solutions on vehicles, it is impossible to make something perfectly secure and unhackable,” noted mathematician and security researcher Charlie Miller, now at Cruise Automation in San Francisco, California, in a 2019 essay for IEEE Design&Test.
Efforts should be focused on remote attacks, especially long range, as they could affect many vehicles in a short time frame. “We use the same techniques as we would to secure a very small enterprise network or, more precisely, a small industrial control network,” the speakers said. “For the most part, we don’t need to invent new ways to secure things. We only need to carefully apply industry best practices to this particular problem.”
Cars are essentially a data center on wheels, they explained. Each autonomous car’s trunk is loaded with a system of GPUs and processors, a cooling system, and a computer-controlled motor. Treating each Cruise car as a data center, Miller and Valasek focused on security from the ground up, working on the self-driving car line at Cruise Automation. It’s not so much a test bed for car security overall across the industry as an investigation into what works and what doesn’t, with the goal of using that information to secure its own fleet.
The components communicate with one another using Ethernet cables. The researchers eliminated Wi-Fi and Bluetooth systems, as well as the entertainment unit, which were previous attack vectors. Inbound communications to the vehicle and over-the-air updates were excluded too.
All these vehicles will increasingly rely on software that will need to be updated periodically to fix issues or add new functionality. Today, these updates are mostly performed manually when physically servicing the vehicle. The next big OS war is in your dashboard, says a Wired article. Consider this. New cars roll off the assembly line with 100 million lines of code; this number will easily double with autonomous features. It will become essential to ensure that over-the-air (OTA) updates are authenticated and secure.
In order to perform these updates, automobile manufacturers need to build in and deploy quantum-safe, updatable components. Quantum-safe mechanisms will verify that the updates are not forged and are coming from the original equipment manufacturers. Imagine the billions of dollars of cost savings if car manufacturers could update a component and handle cryptographic changes and eliminate recalls for electric issues – without requiring in-person maintenance and updating.
SK Telecom to launch quantum gateway for self-driving car security
SK Telecom will launch its Quantum Security Gateway solution aimed at preventing hacking in self-driving cars at Mobile World Congress, the company says. The solution is an integrated security device that will be installed inside cars and protect various electronic units and networks in the vehicle.
The gateway, which was co-developed with South Korean controller maker GINT, will monitor various devices for Vehicle-2-Everything (V2X), Bluetooth, radar, smart keys, and driver assistance systems. It will alert the driver and any connected monitoring centre of hacking. The gateway transfers a quantum random number generator and quantum key along with the data that will “fundamentally prevent hacking”, SK Telecom said.
Cyber Security standards
The UK government has announced a new standard in DEc 2018 for cyber security that aims to protect driverless cars from the threat of hacking. The new cyber security standard is effectively a code of conduct for manufacturers and technology firms, allowing them to show that they are working to the principles laid out by the government.
The standard was produced by the British Standards Institute with help from leading automotive firms. Jaguar Land Rover, Bentley and Ford were all involved in the process, along with the National Cyber Security Centre. According to the Department for Transport, the standard is the first publication of its kind anywhere in the world, and “sets a marker” for companies developing driverless cars.
Recommendations include encouraging companies to work together to improve security, fitting back-up procedures to eliminate so-called ‘single points of failure’ and implementing an incident response system to assist motorists whose vehicles have been hacked.
Transport minister Jesse Norman, who is also the MP for Hereford and South Herefordshire, said the new standard would improve the “resilience” of the automotive technology industry. “As vehicles get smarter, major opportunities for the future of mobility increase,” he said. “But so too do the challenges posed by data theft and hacking. This cyber security standard should help to improve the resilience and readiness of the industry, and help keep the UK at the forefront of advancing transport technology.”
References and Resources also include: